1
22
23 package com.liferay.portal.servlet.filters.sessionid;
24
25 import com.liferay.portal.kernel.log.Log;
26 import com.liferay.portal.kernel.log.LogFactoryUtil;
27 import com.liferay.portal.kernel.util.StringPool;
28 import com.liferay.portal.kernel.util.Validator;
29 import com.liferay.portal.util.CookieKeys;
30
31 import javax.servlet.http.Cookie;
32 import javax.servlet.http.HttpServletRequest;
33 import javax.servlet.http.HttpServletRequestWrapper;
34 import javax.servlet.http.HttpServletResponse;
35 import javax.servlet.http.HttpSession;
36
37
42 public class SessionIdServletRequest extends HttpServletRequestWrapper {
43
44 public SessionIdServletRequest(
45 HttpServletRequest request, HttpServletResponse response) {
46
47 super(request);
48
49 _response = response;
50 }
51
52 public HttpSession getSession() {
53 HttpSession session = super.getSession();
54
55 process(session);
56
57 return session;
58 }
59
60 public HttpSession getSession(boolean create) {
61 HttpSession session = super.getSession(create);
62
63 process(session);
64
65 return session;
66 }
67
68 protected void process(HttpSession session) {
69 if ((session == null) || !session.isNew() || !isSecure() ||
70 isRequestedSessionIdFromCookie()) {
71
72 return;
73 }
74
75 Object jsessionIdAlreadySet = getAttribute(_JESSIONID_ALREADY_SET);
76
77 if (jsessionIdAlreadySet == null) {
78 if (_log.isDebugEnabled()) {
79 _log.debug("Processing " + session.getId());
80 }
81
82 Cookie cookie = new Cookie(_JESSIONID, session.getId());
83
84 cookie.setMaxAge(-1);
85
86 String contextPath = getContextPath();
87
88 if (Validator.isNotNull(contextPath)) {
89 cookie.setPath(contextPath);
90 }
91 else {
92 cookie.setPath(StringPool.SLASH);
93 }
94
95 CookieKeys.addCookie(
96 (HttpServletRequest)super.getRequest(), _response, cookie);
97
98 setAttribute(_JESSIONID_ALREADY_SET, Boolean.TRUE);
99 }
100 }
101
102 private static final String _JESSIONID = "JSESSIONID";
103
104 private static final String _JESSIONID_ALREADY_SET =
105 "JESSIONID_ALREADY_SET";
106
107 private static Log _log =
108 LogFactoryUtil.getLog(SessionIdServletRequest.class);
109
110 private HttpServletResponse _response;
111
112 }